package act.hpx.demo.springmvc.controller;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;

import act.hpx.demo.springmvc.pojo.User;
import act.hpx.demo.springmvc.service.UserService;

@Controller
public class UserController {
	@Resource
	private UserService userService;
	
	@RequestMapping("login/{userName}")
	public @ResponseBody
	String login(@PathVariable String userName) {
		UsernamePasswordToken token = new UsernamePasswordToken(userName, "e10adc3949ba59abbe56e057f20f883e");
		Subject subject = SecurityUtils.getSubject();
		subject.login(token);
		
		return "hello " +token.getUsername() +"/r/n"+token.getPassword();
	}
	
	@RequestMapping("logout")
	public @ResponseBody Object logout() {
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "logout success";
	}
	
	//@RequiresRoles("normal") 
	@RequestMapping(value="user/{id}")
	public @ResponseBody User getUser(@PathVariable int id) {
		User user = userService.getUserById(id);
		return user;
	}
	
	@RequiresRoles("normal")
	@RequestMapping("hasNormalRole")
	public @ResponseBody Object hasNormalRole() {
		return "has normal role";
	}
	
	@RequiresRoles("admin")
	@RequestMapping("hasAdminRole")
	public @ResponseBody Object hasAdminRole() {
		return "has admin role";
	}
	
	
	@RequiresPermissions("user:r")
	@RequestMapping("viewUser")
	public @ResponseBody Object viewUser() {
		return "viewUser";
	}
	
	@RequiresPermissions("user:d")
	@RequestMapping("deleteUser")
	public @ResponseBody Object deleteUser() {
		return "deleteUser";
	}
	
	
	
}
